Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Festplattenzugriff sehr langsam - Malware?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.04.2014, 22:18   #1
trojanertoni
 
Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Hallo,

ich habe einen 3,5 Jahre alten Win 7 Laptop, der schon mehrmals wegen "Kleinigkeiten" in der Reparatur war (ich habe eine Extra-Versicherung dazu abgeschlossen, die sich schon sehr gelohnt hat).

Das letzte Mal war er in der Reparatur, weil die Festplattenverkleidung gebrochen war. Danach hat er einige Monate lang sehr gut funktioniert, seit einigen Wochen ist aber der Festplattenzugriff extrem langsam, und ich versuche herauszufinden, ob es ein Festplattenproblem oder ein Virenproblem ist.

Die Probleme, die ich habe:
Neustarten dauert 30 Minuten, und er friert regelmäßig beim Starten aus dem Ruhezustand ein. Insbesondere dauert es super lange von der Anmeldung bis zur Benutzbarkeit des Computers, und der Desktop etc. friert oft ein. Das Problem habe ich auch, wenn ich im abgesicherten Modus starte. Zusätzlich friert der Computer sehr oft ein, ganz besonders, wenn ich etwas speichere (also wenn ich ein word-Dokument speichern will, friert er ein, braucht 10-20 Minuten, und dann geht es wieder).
Der Task-Manager funktioniert nur eingeschränkt, d.h. ich kann zwar die Prozesse sehen und bearbeiten, aber die Reiter oben fehlen.

Ich habe schon die Windows-eigene Festplatten-fehlersuche durchführen lassen, ohne ergebnis. Habe auch schon nen festplatten-scan aus dem Bios gemacht (C, auch ohne Probleme.

Mein nächster Schritt wäre das Neuaufsetzen des Systems, aber ich wollte doch hier nochmal fragen, ob es vielleicht eine Malware sein könnte, und wenn ja, welche. Ein Online-Virenscan mit Kaspersky blieb ohne Ergebnis.

Vielen Dank im Voraus,
trojanertoni

Alt 15.04.2014, 09:27   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 15.04.2014, 13:19   #3
trojanertoni
 
Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Vielen Dank!

First.txt:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by Toni (administrator) on TONI-HP on 15-04-2014 14:16:08
Running from C:\Users\Toni\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(O&O Software GmbH) C:\Program Files\OO Software\DriveLED\oodlag.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Flux Software LLC) C:\Users\Toni\AppData\Local\FluxSoftware\Flux\flux.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Dropbox, Inc.) C:\Users\Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\Besta\PSH2.0\PSH2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [386584 2010-06-22] (Intel Corporation)
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [414744 2010-06-22] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-09-07] (Alcor Micro Corp.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-27] (Intel Corporation)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-24] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-24] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ServiceHome] => C:\Program Files (x86)\Besta\PSH2.0\PSH2.exe [3067904 2010-08-20] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-11-13] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-25] (Easybits)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [F.lux] => C:\Users\Toni\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [Citations] => C:\Program Files (x86)\Mekentosj\Papers\Citations.exe [664064 2013-03-12] (Mekentosj BV)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Same\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (No File)
Startup: C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP50F5CAE3-AA79-4F90-9244-0500FEC0D980&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {3A39D5F3-635C-44AB-A170-7EB25B6239D7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {99E87C1F-BC2F-42C6-9B24-5B9FA12E628F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {3A39D5F3-635C-44AB-A170-7EB25B6239D7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {99E87C1F-BC2F-42C6-9B24-5B9FA12E628F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP50F5CAE3-AA79-4F90-9244-0500FEC0D980&q={searchTerms}&SSPV=
SearchScopes: HKCU - E69BCC8206984B329D06D7635D8406BF URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100489&mntrId=e8c86a190000000000000026c7a85423
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP50F5CAE3-AA79-4F90-9244-0500FEC0D980&q={searchTerms}&SSPV=
SearchScopes: HKCU - {3A39D5F3-635C-44AB-A170-7EB25B6239D7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {750CF89F-CA32-4255-9B2D-786E9F5C1E49} URL = 
SearchScopes: HKCU - {99E87C1F-BC2F-42C6-9B24-5B9FA12E628F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: EgisPBIE Class - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: EgisPBIE Class - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.48.1
Tcpip\..\Interfaces\{30B2CFE4-82E7-44F2-ABFF-E00AF5D91C19}: [NameServer]0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\54ueq59q.default-1392319113432
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @sun.com/npsopluginmi;version=1.0 - C:\Program Files (x86)\OpenOffice.org 3\program ()
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Bitdefender QuickScan - C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\54ueq59q.default-1392319113432\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-04-15]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-14]
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt
FF Extension: SimplePass Online Accounts Extension  - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt [2010-10-08]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-06]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

Chrome: 
=======
CHR HomePage: hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
CHR Plugin: (Shockwave Flash) - C:\Users\Toni\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Toni\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Toni\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
CHR Plugin: (Google Update) - C:\Users\Toni\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (RealDownloader) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-17]
CHR Extension: (NCapture) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgomjifbpjfhpodjhihemafahhmegbek [2013-04-13]
CHR Extension: (Skype Click to Call) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-07-15]
CHR Extension: (Google Wallet) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-17]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-06-22]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 EgisTec Service; C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [697712 2010-06-08] (Egis Technology Inc. )
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 O&O DriveLED; C:\Program Files\OO Software\DriveLED\oodlag.exe [610048 2009-09-28] (O&O Software GmbH)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S2 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-06] (DT Soft Ltd)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R0 OODrvled; C:\Windows\System32\DRIVERS\OODrvled.sys [30216 2009-09-28] (O&O Software GmbH)
R2 ProtectorA; C:\Windows\system32\drivers\ProtectorA.sys [22672 2012-01-11] (www.ISRA.org.cn)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Toni\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 iscFlash; \??\C:\Users\Toni\AppData\Local\Temp\iscflashx64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-15 14:16 - 2014-04-15 14:16 - 00029773 _____ () C:\Users\Toni\Downloads\FRST.txt
2014-04-15 14:16 - 2014-04-15 14:16 - 00000000 ____D () C:\FRST
2014-04-15 14:15 - 2014-04-15 14:15 - 02054144 _____ (Farbar) C:\Users\Toni\Downloads\FRST64.exe
2014-04-14 22:30 - 2014-04-14 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-07 21:57 - 2014-04-07 21:57 - 00000364 _____ () C:\Users\Toni\Downloads\swisscom_internet_access.txt
2014-03-27 18:53 - 2014-03-28 10:50 - 00001006 _____ () C:\Users\Toni\Downloads\Lab 4.do
2014-03-24 08:11 - 2014-03-24 08:11 - 00000227 _____ () C:\Users\Toni\Downloads\Lab 3.do
2014-03-24 07:40 - 2014-03-24 07:40 - 00002922 _____ () C:\Users\Toni\Downloads\Lab3_States.dta

==================== One Month Modified Files and Folders =======

2014-04-15 14:16 - 2014-04-15 14:16 - 00029773 _____ () C:\Users\Toni\Downloads\FRST.txt
2014-04-15 14:16 - 2014-04-15 14:16 - 00000000 ____D () C:\FRST
2014-04-15 14:15 - 2014-04-15 14:15 - 02054144 _____ (Farbar) C:\Users\Toni\Downloads\FRST64.exe
2014-04-15 13:58 - 2013-09-01 17:48 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1437298276-3645973725-722044047-1006UA.job
2014-04-15 13:44 - 2012-11-23 17:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-15 13:22 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 13:22 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 13:19 - 2012-01-26 22:40 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\Dropbox
2014-04-15 13:18 - 2012-01-26 22:41 - 00000000 ___RD () C:\Users\Toni\Dropbox
2014-04-15 13:18 - 2011-03-01 19:30 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\Skype
2014-04-15 13:18 - 2010-10-08 19:31 - 01491409 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 13:17 - 2011-03-02 15:19 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{33F05840-799A-45B7-A3DC-FC5A62EDCA7E}
2014-04-15 13:13 - 2009-07-14 04:34 - 00422683 _____ () C:\Windows\win.ini
2014-04-15 13:05 - 2010-07-23 20:10 - 23411920 _____ () C:\Windows\system32\perfh007.dat
2014-04-15 13:02 - 2010-07-23 20:10 - 07611282 _____ () C:\Windows\system32\perfc007.dat
2014-04-15 13:02 - 2009-07-14 07:13 - 00006488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-15 12:53 - 2014-01-13 18:13 - 00002987 _____ () C:\Windows\setupact.log
2014-04-15 12:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-14 22:30 - 2014-04-14 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-14 21:40 - 2013-09-01 17:48 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1437298276-3645973725-722044047-1006Core.job
2014-04-14 09:00 - 2014-01-23 23:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-14 09:00 - 2014-01-23 23:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-14 09:00 - 2013-08-24 18:25 - 00000000 ____D () C:\Users\Same
2014-04-14 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-13 23:15 - 2011-03-01 18:37 - 00000000 ____D () C:\Users\Toni
2014-04-07 21:57 - 2014-04-07 21:57 - 00000364 _____ () C:\Users\Toni\Downloads\swisscom_internet_access.txt
2014-03-28 10:50 - 2014-03-27 18:53 - 00001006 _____ () C:\Users\Toni\Downloads\Lab 4.do
2014-03-28 10:02 - 2011-03-01 19:21 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\vlc
2014-03-27 03:01 - 2011-06-02 22:08 - 00000000 ____D () C:\Users\Toni\Documents\My Library
2014-03-24 08:11 - 2014-03-24 08:11 - 00000227 _____ () C:\Users\Toni\Downloads\Lab 3.do
2014-03-24 07:40 - 2014-03-24 07:40 - 00002922 _____ () C:\Users\Toni\Downloads\Lab3_States.dta
2014-03-23 00:42 - 2013-07-21 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-23 00:40 - 2011-04-08 22:22 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-22 11:36 - 2013-02-27 23:15 - 00000000 ____D () C:\Windows\rescache
2014-03-22 11:35 - 2011-03-06 19:09 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-03-21 18:47 - 2011-12-22 06:51 - 00000000 ___RD () C:\Program Files (x86)\Skype

Some content of TEMP:
====================
C:\Users\Toni\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Toni\AppData\Local\Temp\htmlayout.dll
C:\Users\Toni\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Toni\AppData\Local\Temp\nsxF251.exe
C:\Users\Toni\AppData\Local\Temp\SPSetup.exe
C:\Users\Toni\AppData\Local\Temp\uninstall10646319.exe
C:\Users\Toni\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Toni\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
         
Addition.txt:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014
Ran by Toni at 2014-04-15 14:16:42
Running from C:\Users\Toni\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Anki (HKLM-x32\...\Anki) (Version:  - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{1795BAA8-65EC-66D0-9DA4-D4B1FBE7700E}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
BioExcess (Version: 7.0.33.0 - Egis Technology Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0621.2137.36973 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0621.2137.36973 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0621.2137.36973 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0621.2137.36973 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help English (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help French (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help German (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0621.2136.36973 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0621.2137.36973 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0621.2137.36973 - ATI) Hidden
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Crystal Reports for .NET Framework 2.0 (x86) (HKLM-x32\...\{7C05EEDD-E565-4E2B-ADE4-0C784C17311C}) (Version: 10.2.0 - Business Objects)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.0 - REINER SCT)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
f.lux (HKCU\...\Flux) (Version:  - )
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.3.524 - Foxit Corporation)
Free M4a to MP3 Converter 7.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
GPL Ghostscript 8.71 (HKLM-x32\...\GPL Ghostscript 8.71) (Version:  - )
GSview 4.9 (HKLM-x32\...\GSview 4.9) (Version:  - )
HD Tune Pro 4.60 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP 3D DriveGuard (HKLM\...\{991A4895-3346-4980-990F-A1041B73C6F7}) (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP SimplePass Identity Protection (HKLM-x32\...\InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.33.0 - Egis Technology Inc.)
HP SimplePass Identity Protection (x32 Version: 7.0.33.0 - Egis Technology Inc.) Hidden
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
Icy Tower v1.5 (HKLM-x32\...\Icy Tower v1.5_is1) (Version:  - Free Lunch Design)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{0D9917CE-1C77-4B58-A153-DCB5A854ED82}) (Version: 1.2.15.0 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
JabRef 2.6 (HKLM-x32\...\JabRef 2.6) (Version: 2.6 - JabRef Team)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
Kindle PC Converter (HKLM-x32\...\KindleConverter) (Version:  - hxxp://www.ebook-converter.com)
Klebezettel NG (Version 2.9.12) (HKLM-x32\...\{4F81901F-3655-4340-8227-F687F69A3C79}}_is1) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version:  - )
LEd Beta 0.53 (HKLM-x32\...\LEd_is1) (Version:  - www.LaTeXEditor.org)
LingoPad 2.6 (Build 360) (HKLM-x32\...\LingoPad_is1) (Version: 2.6 - Lingo4you)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mendeley Desktop 1.10.3 (HKLM-x32\...\Mendeley Desktop) (Version: 1.10.3 - Mendeley Ltd.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.8 (HKLM-x32\...\MiKTeX 2.8) (Version: 2.8 - MiKTeX.org)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird (3.1.10) (HKLM-x32\...\Mozilla Thunderbird (3.1.10)) (Version: 3.1.10 (de) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Neverball 1.5.4 (HKLM-x32\...\Neverball) (Version: 1.5.4 - )
O&O DriveLED (HKLM\...\{53480150-81CB-4A86-B378-86B6F08AF80B}) (Version: 3.0.1945 - O&O Software GmbH)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Papers (HKLM-x32\...\Papers) (Version: 1.0.21.00849 - Mekentosj BV)
PC Service Home (HKLM-x32\...\{2B069147-80C9-4C6A-9AFB-3534BEF70A96}) (Version: 2.0 - Besta)
PC Service Home 2.0 (x32 Version: 2.0 - Besta) Hidden
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.195.0 - Tracker Software Products Ltd.)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
POWERPREP II (HKLM-x32\...\{2687340C-C114-47DC-9F0E-C1BA85FEB001}) (Version: 1.00.0000 - ETS)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
RUBICon (HKLM-x32\...\{438134D3-0BD4-4C52-8575-5B2B63AD01C2}) (Version: 2.0.25 - RUB)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SCR3xxx Smart Card Reader (HKLM-x32\...\{6DA99C69-0799-467E-9496-F37E1E452A4A}) (Version: 8.40 - SCM Microsystems)
Scribus 1.3.3.14 (HKLM-x32\...\Scribus 1.3.3.14) (Version: 1.3.3.14 - The Scribus Team)
SecureW2 EAP Suite 2.0.4 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SuperTux 0.3.1 (HKLM-x32\...\SuperTux 0.3.1) (Version: 0.3.1 - SuperTux Devel Team)
SuperTux 0.3.3 (HKLM-x32\...\SuperTux 0.3.3) (Version: 0.3.3 - SuperTux Devel Team)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
TeXnicCenter Version 2.0 Alpha 4 (HKLM\...\TeXnicCenter Alpha_is1) (Version: 2.0 Alpha 4 - The TeXnicCenter Team)
TeXstudio 2.5.1 (HKLM-x32\...\TeXstudio_is1) (Version: 2.5.1 - Benito van der Zander)
TeXworks 0.4.4 (HKLM-x32\...\{41DA4817-4D2A-4D83-AD02-6A2D95DC8DCB}_is1) (Version:  - TeX Users Group)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual MP3 Splitter & Joiner 6.1 (HKLM-x32\...\Visual MP3 Splitter & Joiner_is1) (Version:  - ManiacTools.com)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.621  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)

==================== Restore Points  =========================

09-04-2014 22:05:24 Windows Update
14-04-2014 19:51:58 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-07-14 05:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {287CB361-946F-4BED-BB1D-964638898F39} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3426EBA1-6405-491C-A6A6-1994A3A026A1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1437298276-3645973725-722044047-1006UA => C:\Users\Same\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-01] (Google Inc.)
Task: {3CC0B9CC-1BA3-4566-90AF-3C548B2ACF53} - System32\Tasks\{701BC06A-8691-4551-8345-0A012D3DAF93} => C:\Program Files (x86)\ETS\PPGRE\PPREP\PPREP.EXE
Task: {57D8295E-BA47-4C01-8660-9F5ACEB443CE} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1437298276-3645973725-722044047-1006 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6DB49333-BD5D-4364-A874-6FFEE432A22A} - System32\Tasks\{4B0AB3FD-072B-49C1-9DAE-321C5D9D0606} => C:\Program Files (x86)\ETS\PPGRE\PPREP\PPREP.EXE
Task: {6F012716-1F23-4DB9-B167-35DE956C8DDB} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe
Task: {6F6C13DE-992D-49AF-B9A5-FDB95254D1B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {6F6ED4FD-FDF3-4C4F-9164-DB346635B501} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {82DA5E68-361A-429C-A195-1418C93E2273} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1437298276-3645973725-722044047-1006Core => C:\Users\Same\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-01] (Google Inc.)
Task: {83F8FF80-14B0-4D82-BB41-E5E32E51E44A} - System32\Tasks\{7BD11640-0BD7-41BE-9170-566962A31733} => C:\Program Files (x86)\ETS\PPGRE\PPREP\PPREP.EXE
Task: {9A07DBC5-26F8-41D4-BBAE-D181D870D5A8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {A1679FDF-41C3-4610-B8CF-E49FEB1BE2D0} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1437298276-3645973725-722044047-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {A83EA980-BA7A-40EC-8137-70E4323ADF2B} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe [2012-12-12] (hxxp://yourfiledownloader.com) <==== ATTENTION
Task: {C1213333-8446-4527-8413-B28369D3E19C} - System32\Tasks\{52114022-D133-4CB0-9911-8203C28ADD54} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.166.321/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {C8474E8B-C8AE-4E07-AB1F-2382A2BF51C8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1437298276-3645973725-722044047-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {CE012DF0-FE41-4651-95C3-E65494696CA8} - System32\Tasks\bfghfh => G:\Unterhaltung\Musik\Eigene Musik\Deutsch\Die Aerzte\Die Aerzte - Das Beste Von Kurz Nach Frueher Bis Jetze\CD1\09.Ist das alles.mp3
Task: {D3C23887-BC29-4C9C-8A5C-4F4CA9C93130} - System32\Tasks\{28F3FB92-1474-4AE0-B79A-2AB086115093} => C:\Program Files (x86)\ETS\PPGRE\PPREP\PPREP.EXE
Task: {D80C438B-8E51-4EFB-BC7C-E83158AC61A1} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1437298276-3645973725-722044047-1006 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E15C9183-1149-4452-97CD-C8CFA2186259} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1437298276-3645973725-722044047-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EE595EEF-9764-4AB0-B798-99F248F8A526} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1437298276-3645973725-722044047-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Feven 1.5-chromeinstaller.job => C:\Users\Same\AppData\Local\Feven 1.5-BrowserExtensionUninstall\Feven 1.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job => C:\Users\Same\AppData\Local\Feven 1.5-BrowserExtensionUninstall\Feven 1.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1437298276-3645973725-722044047-1006Core.job => C:\Users\Same\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1437298276-3645973725-722044047-1006UA.job => C:\Users\Same\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SuperLyrics-16-chromeinstaller.job => C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\SuperLyrics-16-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\SuperLyrics-16-firefoxinstaller.job => C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\SuperLyrics-16-firefoxinstaller.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 09:23 - 2010-10-20 09:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-09-17 17:31 - 2010-08-20 03:10 - 03067904 _____ () C:\Program Files (x86)\Besta\PSH2.0\PSH2.exe
2010-06-10 17:12 - 2010-06-10 17:12 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-21 21:36 - 2010-06-21 21:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-11 15:57 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Toni\AppData\Roaming\Dropbox\bin\libcef.dll
2011-09-17 17:31 - 2010-08-20 03:09 - 00278528 _____ () C:\Program Files (x86)\Besta\PSH2.0\bdbcoreU.dll
2011-09-17 17:31 - 2010-08-12 08:31 - 00028672 _____ () C:\Program Files (x86)\Besta\PSH2.0\PSHPub.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 09:45 - 2010-10-20 09:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-04-14 22:30 - 2014-04-14 22:30 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Toni^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Toni\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VitaKeyTSR => C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name: Shrew Soft Lightweight Filter
Description: Shrew Soft Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: vflt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom 2070 Bluetooth
Description: Broadcom 2070 Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2014 01:12:45 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DivXUpdate.exe, Version: 1.0.6.88, Zeitstempel: 0x511afc59
Name des fehlerhaften Moduls: netprofm.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4a5bda75
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74a12505
ID des fehlerhaften Prozesses: 0xe44
Startzeit der fehlerhaften Anwendung: 0xDivXUpdate.exe0
Pfad der fehlerhaften Anwendung: DivXUpdate.exe1
Pfad des fehlerhaften Moduls: DivXUpdate.exe2
Berichtskennung: DivXUpdate.exe3

Error: (04/15/2014 01:01:59 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/15/2014 01:01:59 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/15/2014 01:01:57 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/14/2014 09:43:01 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/14/2014 09:43:01 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/14/2014 09:43:01 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/13/2014 11:22:02 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/13/2014 11:22:02 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/13/2014 11:22:02 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (04/15/2014 01:06:43 PM) (Source: DCOM) (User: )
Description: {4991D34B-80A1-4291-83B6-3328366B9097}

Error: (04/15/2014 01:05:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (04/15/2014 01:03:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (04/15/2014 01:01:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Software Protection" wurde nicht richtig gestartet.

Error: (04/15/2014 01:00:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/15/2014 01:00:55 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (04/15/2014 01:00:12 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (04/15/2014 01:00:55 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (04/15/2014 00:58:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Health Check Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/15/2014 00:58:04 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.


Microsoft Office Sessions:
=========================
Error: (04/15/2014 01:12:45 PM) (Source: Application Error)(User: )
Description: DivXUpdate.exe1.0.6.88511afc59netprofm.dll_unloaded0.0.0.04a5bda75c000000574a12505e4401cf589a76a5f90cC:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exenetprofm.dllde596457-c48e-11e3-9d03-8919da569e5c

Error: (04/15/2014 01:01:59 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/15/2014 01:01:59 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/15/2014 01:01:57 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/14/2014 09:43:01 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/14/2014 09:43:01 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/14/2014 09:43:01 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/13/2014 11:22:02 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (04/13/2014 11:22:02 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (04/13/2014 11:22:02 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000


CodeIntegrity Errors:
===================================
  Date: 2014-04-15 12:53:02.899
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-15 12:53:02.852
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-13 23:11:18.666
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-13 23:11:18.620
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-13 23:01:45.768
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-13 23:01:45.721
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-09 23:22:38.139
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-09 23:22:38.092
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-28 16:00:22.139
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-28 16:00:22.092
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 3893.86 MB
Available physical RAM: 2118.51 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 5872.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.11 GB) (Free:8.41 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.35 GB) (Free:3.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Daten) (Fixed) (Total:219 GB) (Free:21.68 GB) NTFS
Drive i: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 908943E4)
Partition 1: (Active) - (Size=199 MB) - (Type=42)
Partition 2: (Not Active) - (Size=222 GB) - (Type=42)
Partition 3: (Not Active) - (Size=24 GB) - (Type=42)
Partition 4: (Not Active) - (Size=103 MB) - (Type=42)

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 16.04.2014, 10:16   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.04.2014, 23:07   #5
trojanertoni
 
Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Vielen Dank! Die Logs sind wohl zu lange, und irgendwie hängt sich der PC beim Archive-Machen auf, ich teile den Beitrag jetzt also ausnahmsweise mal in 2. Hoffe, das ist ok!

Die mbam.txt:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 16.04.2014
Suchlauf-Zeit: 15:40:04
Logdatei: mbam right.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.16.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Toni

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320004
Verstrichene Zeit: 58 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 8
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [9c645fa17f81b44cab570c8633d016ea], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [fe02867aee1247b9d20c1257e61c8878], 
PUP.Optional.SmartBar, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarBackup, In Quarantäne, [ed131ae6f60ad32d0f89b5f58d7647b9], 
PUP.Optional.SmartBar, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarLog, In Quarantäne, [1ae639c7e818f50b2b6c2387c63df808], 
PUP.Optional.Lyrics.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SuperLyrics-16, In Quarantäne, [ed134bb5d12fae529d079fccfe04be42], 
PUP.Optional.Feven.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Feven, In Quarantäne, [936db8489868d22ee07be9b7bc4757a9], 
PUP.Optional.Lyrics.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\PassWizard, In Quarantäne, [b44c7c84b24ed0301c552b70c2419e62], 
PUP.Optional.SuperLyrics.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SuperLyrics-16, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0C1K1O2X1H1Q1KtF1FtG1O, In Quarantäne, [9c645fa17f81b44cab570c8633d016ea]

Registrierungsdaten: 7
PUP.Optional.Conduit.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP50F5CAE3-AA79-4F90-9244-0500FEC0D980&SSPV=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP50F5CAE3-AA79-4F90-9244-0500FEC0D980&SSPV=),Ersetzt,[0ff1aa5688781fe15a2e9a8107fd34cc]
PUP.Optional.Snapdo, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=hp&installDate={installDate}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=hp&installDate={installDate}),Ersetzt,[f20eeb1535cbbe42424f978db05434cc]
PUP.Optional.Snapdo, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}),Ersetzt,[857b3dc3b54b11efa9e7de46d72d7b85]
PUP.Optional.Snapdo, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}),Ersetzt,[a25e13edcb35966ad0bf1311fa0a669a]
PUP.Optional.Snapdo, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}),Ersetzt,[3ec2cd338d739769c4ceac78ea1ae41c]
PUP.Optional.Snapdo, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}),Ersetzt,[936d1fe1eb1538c8246fa0842ed63ac6]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}),Ersetzt,[46ba90700000be426dbb57c460a4a25e]

Ordner: 46
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\components, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.OpenCandy, C:\Users\Toni\AppData\Roaming\OpenCandy, In Quarantäne, [5fa116ea38c858a876924e0f966c40c0], 
PUP.Optional.OpenCandy, C:\Users\Toni\AppData\Roaming\OpenCandy\OpenCandy_13DA043A7C264CBF8622166651D0F496, In Quarantäne, [5fa116ea38c858a876924e0f966c40c0], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\defaults, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\defaults\preferences, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\locale, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\locale\en-US, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\defaults, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\defaults\preferences, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\userCode, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\locale, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\locale\en-US, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_incpbbmbclbkhjphicahojidkcabaajc_0, In Quarantäne, [f60a639dd42c68988f3dbbaa07fb44bc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\userCode, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons\actions, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\popupResource, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 

Dateien: 397
PUP.Optional.Conduit.A, C:\Users\Toni\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [8779d927a85842be96478b8ddb26fc04], 
PUP.Optional.SearchProtect.A, C:\Users\Toni\AppData\Local\Temp\nsxF251.exe, In Quarantäne, [5aa61fe131cfe719549a65be0ef34ab6], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsgBB8A.exe, In Quarantäne, [f50b02fe7a867e8299555cc73ac703fd], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nslCE40.exe, In Quarantäne, [13edd52b2cd4b050638b54cf6d9420e0], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsq1033.exe, In Quarantäne, [88787888dd234bb5c82626fd0cf51ce4], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsqD255.exe, In Quarantäne, [60a0cc34ec148a7621cdd54e56ab8b75], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsqE452.exe, In Quarantäne, [fd03c13ff30d877921cd47dc4bb6fe02], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsqE453.exe, In Quarantäne, [9f611be57d83718fa44a0e156998d62a], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nst52C5.exe, In Quarantäne, [ef11817f06fa4ab611dd9e852ad75ca4], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsvB7F1.exe, In Quarantäne, [847cde22c63ae917a34be0436c95956b], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsw2E2F.exe, In Quarantäne, [ca369070e21e3bc52bc36bb8d928ba46], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsyAA09.exe, In Quarantäne, [bd4334ccf10feb15b93577ac837e0df3], 
PUP.Optional.BundleInstaller.A, C:\Users\Same\Downloads\Setup (1).exe, In Quarantäne, [13edad533cc497690ef265bfa15f12ee], 
PUP.Optional.Firseria, C:\Users\Same\Downloads\Setup (2).exe, In Quarantäne, [a759e917b24ec7394f8cde6bcd377d83], 
PUP.Optional.BundleInstaller.A, C:\Users\Same\Downloads\Setup.exe, In Quarantäne, [867ac838619f5ca4b34d47dd20e00ef2], 
PUP.Optional.DomaIQ, C:\Users\Same\Downloads\Java (1).exe, In Quarantäne, [5ca47789d927a45ce86566bae021e31d], 
PUP.Optional.DomaIQ, C:\Users\Same\Downloads\Java (2).exe, In Quarantäne, [af51ab5517e9cd3379d42000e918b34d], 
PUP.Optional.DomaIQ, C:\Users\Same\Downloads\Java (3).exe, In Quarantäne, [5ea2f10fc63a19e74508061af011e11f], 
PUP.Optional.DomaIQ, C:\Users\Same\Downloads\Java.exe, In Quarantäne, [669a8f7127d9c7390746f42c7f82629e], 
PUP.Optional.InstalleRex, C:\Users\Toni\Downloads\Download.exe, In Quarantäne, [0af602feb05027d9dbaca192ba47fd03], 
PUP.Optional.Softonic.A, C:\Users\Toni\Downloads\SoftonicDownloader_fuer_hijackthis.exe, In Quarantäne, [0cf450b025db1ee2f9a71604e1206997], 
PUP.Optional.Feven.A, C:\Users\Same\AppData\Local\Feven 1.5-BrowserExtensionUninstall\Feven 1.5-chromeinstaller.exe, In Quarantäne, [ea16f60add235ea204e9a69dc93841bf], 
PUP.Optional.Feven.A, C:\Users\Same\AppData\Local\Feven 1.5-BrowserExtensionUninstall\Feven 1.5-firefoxinstaller.exe, In Quarantäne, [1ee2837d52ae0000816c1a292fd2a060], 
PUP.Optional.Feven.A, C:\Users\Same\AppData\Local\Feven 1.5-BrowserExtensionUninstall\utils.exe, In Quarantäne, [827e649c748cdb258257e25d6a96867a], 
PUP.Optional.TubeSing.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\utils.exe, In Quarantäne, [60a0dc24a45c11ef714346e160a1be42], 
Malware.Gen, C:\Users\Toni\Desktop\Desktop\nvivo 7\Keygen.exe, In Quarantäne, [b64a60a055ab60a0357aaba4c739936d], 
Malware.Gen, C:\Users\Toni\Desktop\Desktop\nvivo 7\qsrnvivov7.0.281.0sp4keygenhaze.zip, In Quarantäne, [5ea2ba4644bc6b956b444f008b7552ae], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_incpbbmbclbkhjphicahojidkcabaajc_0.localstorage, In Quarantäne, [2dd3e51b867a8878c2d75a11738fb050], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_incpbbmbclbkhjphicahojidkcabaajc_0.localstorage-journal, In Quarantäne, [9b65d22ee41c77898e0beb803ec49c64], 
PUP.Optional.WebSearch.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\searchplugins\Web Search.xml, In Quarantäne, [ac546a96ee122cd46b152d445aa8d12f], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote.xml, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\accelerate, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg_list.xml, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\337.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\barbie.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\facebook.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\GameCenter.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\google.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\mario.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\twitter.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\v9.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\youtube.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Microsoft\Windows\SendTo\Desk 365.lnk, In Quarantäne, [857bbc44a858c43cc819712712f148b8], 
PUP.Optional.SuperLyrics.A, C:\Windows\Tasks\SuperLyrics-16-chromeinstaller.job, In Quarantäne, [cc34ce328c74a35d97471b7e37cc2dd3], 
PUP.Optional.SuperLyrics.A, C:\Windows\Tasks\SuperLyrics-16-firefoxinstaller.job, In Quarantäne, [cd33817fa8580ef2538b05948083ea16], 
PUP.Optional.Feven.A, C:\Windows\Tasks\Feven 1.5-chromeinstaller.job, In Quarantäne, [22def20eb64aee124514bfe116ed857b], 
PUP.Optional.Feven.A, C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job, In Quarantäne, [619f45bb60a0a0606aef9a06a45f0df3], 
PUP.Optional.OpenCandy, C:\Users\Toni\AppData\Roaming\OpenCandy\OpenCandy_13DA043A7C264CBF8622166651D0F496\1600.ico, In Quarantäne, [5fa116ea38c858a876924e0f966c40c0], 
PUP.Optional.OpenCandy, C:\Users\Toni\AppData\Roaming\OpenCandy\OpenCandy_13DA043A7C264CBF8622166651D0F496\PCBeschleunigen.exe, In Quarantäne, [5fa116ea38c858a876924e0f966c40c0], 
PUP.Optional.OpenCandy, C:\Users\Toni\AppData\Roaming\OpenCandy\OpenCandy_13DA043A7C264CBF8622166651D0F496\SpeedstarterDE.exe, In Quarantäne, [5fa116ea38c858a876924e0f966c40c0], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome.manifest, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\install.rdf, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\background.html, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\baseObject.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\browser.xul, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\dialog.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\main.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\options.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\options.xul, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\search_dialog.xul, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\asyncDB.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\background.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\browserAction.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\contextMenu.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\dbManager.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\dom_bg.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\fileManager.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefox.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefoxNotifications.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefoxOmnibox.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\message.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\pageAction.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\request.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\tabs.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\webRequest.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\console.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\consts.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\delegate.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\extensionDataStore.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\folderIOWrapper.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\httpObserver.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\IDBWrapper.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\installer.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\logFile.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\prefs.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\progressListenerObserver.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\registry.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\reloadObserver.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\reports.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\requestObject.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\searchSettings.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\uninstallObserver.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\updateManager.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\utils.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\xhr.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\defaults\preferences\prefs.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\manifest.xml, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins.json, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\138_getdeal_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\101_cortica_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\102_dealply_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\103_intext_5_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\104_jollywallet_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\105_corticas_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\107_coupish_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\108_icm_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\116_ads_only_5_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\117_coupons_intext_ads_5_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\119_similar_web_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\120_luck_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\170_icm1_5_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\171_arcadi2_sourceID_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\175_coolmirage_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\17_jQuery.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\1_base.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\21_debug.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\22_resources.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\28_initializer.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\47_resources_background.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\4_jquery_1_7_1.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\64_appApiMessage.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\123_intext_adv_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\125_arcadi2_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\126_revizer_ws_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\127_revizer_p_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\128_superfish_pricora_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\129_widdit_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\135_arcadi3_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\72_appApiValidation.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\78_CrossriderInfo.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\7_hooks.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\87_ginyas_wrapper.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\91_monetizationLoader.js.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\92_superfish_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\93_superfish_no_coupons_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\98_omniCommands.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\9_search_engine_hook.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\13_CrossriderAppUtils.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\141_corticas_ru_m.js.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\142_intext_fa_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\14_CrossriderUtils.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\155_ibario_pops_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\159_cortica_rollover_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\16_FFAppAPIWrapper.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode\background.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode\extension.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\locale\en-US\translations.dtd, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button1.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button2.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button3.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button4.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button5.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\crossrider_statusbar.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon128.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon16.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon24.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon48.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\panelarrow-up.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\popup.html, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\skin.css, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\update.css, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome.manifest, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\install.rdf, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\background.html, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\baseObject.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\browser.xul, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\dialog.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\main.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\options.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\options.xul, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\search_dialog.xul, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\asyncDB.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\background.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\browserAction.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\contextMenu.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\dbManager.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\dom_bg.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\fileManager.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\firefox.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\firefoxNotifications.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\firefoxOmnibox.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\message.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\pageAction.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\request.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\tabs.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\webRequest.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\console.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\consts.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\delegate.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\extensionDataStore.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\folderIOWrapper.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\httpObserver.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\IDBWrapper.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\installer.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\logFile.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\prefs.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\progressListenerObserver.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\registry.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\reloadObserver.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\reports.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\requestObject.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\searchSettings.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\uninstallObserver.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\updateManager.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\utils.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\xhr.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\defaults\preferences\prefs.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\manifest.xml, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins.json, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\101_cortica_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\102_dealply_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\103_intext_5_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\104_jollywallet_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\105_corticas_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\107_coupish_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\108_icm_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\116_ads_only_5_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\117_coupons_intext_ads_5_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\119_similar_web_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\120_luck_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\16_FFAppAPIWrapper.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\170_icm1_5_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\171_arcadi2_sourceID_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\175_coolmirage_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\17_jQuery.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\1_base.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\21_debug.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\22_resources.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\28_initializer.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\47_resources_background.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\4_jquery_1_7_1.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\64_appApiMessage.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\123_intext_adv_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\125_arcadi2_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\126_revizer_ws_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\127_revizer_p_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\128_superfish_pricora_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\129_widdit_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\135_arcadi3_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\138_getdeal_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\72_appApiValidation.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\78_CrossriderInfo.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\7_hooks.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\87_ginyas_wrapper.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\91_monetizationLoader.js.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\92_superfish_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\93_superfish_no_coupons_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\98_omniCommands.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\9_search_engine_hook.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\13_CrossriderAppUtils.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\141_corticas_ru_m.js.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\142_intext_fa_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\14_CrossriderUtils.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\155_ibario_pops_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\159_cortica_rollover_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\userCode\background.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\userCode\extension.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\locale\en-US\translations.dtd, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\button1.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\button2.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\button3.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\button4.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\button5.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\crossrider_statusbar.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\icon128.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\icon16.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\icon24.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\icon48.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\panelarrow-up.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\popup.html, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\skin.css, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\update.css, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_incpbbmbclbkhjphicahojidkcabaajc_0\3, In Quarantäne, [f60a639dd42c68988f3dbbaa07fb44bc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\background.html, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\crossriderManifest.json, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\manifest.json, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\popup.html, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\manifest.xml, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins.json, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\21_debug.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\101_cortica_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\102_dealply_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\103_intext_5_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\104_jollywallet_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\105_corticas_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\107_coupish_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\108_icm_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\116_ads_only_5_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\117_coupons_intext_ads_5_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\119_similar_web_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\120_luck_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\123_intext_adv_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\125_arcadi2_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\126_revizer_ws_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\127_revizer_p_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\128_superfish_pricora_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\129_widdit_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\135_arcadi3_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\138_getdeal_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\13_CrossriderAppUtils.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\141_corticas_ru_m.js.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\142_intext_fa_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\14_CrossriderUtils.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\155_ibario_pops_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\159_cortica_rollover_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\170_icm1_5_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\171_arcadi2_sourceID_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\175_coolmirage_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\178_revizer_ws_dynamic_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\179_revizer_p_dynamic_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\17_jQuery.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\19_CHAppAPIWrapper.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\1_base.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\22_resources.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\28_initializer.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\47_resources_background.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\4_jquery_1_7_1.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\64_appApiMessage.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\72_appApiValidation.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\78_CrossriderInfo.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\7_hooks.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\80_CHPopupAppAPI.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\87_ginyas_wrapper.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\91_monetizationLoader.js.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\92_superfish_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\93_superfish_no_coupons_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\97_resourceApiWrapper.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\9_search_engine_hook.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\userCode\background.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\userCode\extension.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons\icon128.png, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons\icon16.png, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons\icon48.png, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons\actions\1.png, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\background.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\main.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api\chrome.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api\cookie.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api\message.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api\pageAction.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api\pageActionBG.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\app_api.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\bg_app_api.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\consts.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\cookie_store.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\crossriderAPI.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\delegate.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\events.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\extensionDataStore.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\installer.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\logFile.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\logging.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\reports.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\storageWrapper.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\updateManager.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\util.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\xhr.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\popupResource\newPopup.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\popupResource\popup.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\000171.sst, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\000176.sst, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\000179.sst, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\000180.log, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\CURRENT, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\LOCK, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\LOG, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\LOG.old, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\MANIFEST-000178, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\44162.crx, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\44162.xpi, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\Installer.log, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\SuperLyrics-16-chromeinstaller.exe, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\SuperLyrics-16-firefoxinstaller.exe, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\Uninstall.exe, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SnapDo.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=nt&installDate={installDate}");), Ersetzt,[41bf956b2cd4b14f1dc4be91b74d37c9]
PUP.Optional.SnapDo.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&installDate={installDate}&q=");), Ersetzt,[cf31a957c53bfc04d2100c43b94bbb45]
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "141cfa9bafd7a31fc4d6db4148ae0da2");), Ersetzt,[eb15bd43ca3607f92ebb3619c34134cc]
PUP.Optional.Snapdo.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=hp&installDate={installDate}");), Ersetzt,[c9378c7415eb5ea21023480828dca45c]
PUP.Optional.Snapdo.A, C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://www.google.com/", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=hp&installDate={installDate}", "hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP" ],), Ersetzt,[6d93c739738d22de2f9c064aa55f9e62]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Adwcleaner[.txt:
Code:
ATTFilter
# AdwCleaner v3.100 - Bericht erstellt am 20/04/2014 um 20:40:38
# Aktualisiert 20/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Toni - TONI-HP
# Gestartet von : C:\Users\Toni\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Program Files (x86)\yourfiledownloader
Ordner Gelöscht : C:\Windows\Uninstaller
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Toni\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Toni\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Toni\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Toni\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Toni\AppData\Roaming\yourfiledownloader
Ordner Gelöscht : C:\Users\Same\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
Datei Gelöscht : C:\Users\Same\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Same\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Datei Gelöscht : C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_klebezettel-ng_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_klebezettel-ng_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\YourFileDownloader
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\54ueq59q.default-1392319113432\prefs.js ]


[ Datei : C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");

-\\ Google Chrome v

[ Datei : C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [6746 octets] - [20/04/2014 20:39:23]
AdwCleaner[S0].txt - [5966 octets] - [20/04/2014 20:40:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6026 octets] ##########
         


Alt 20.04.2014, 23:08   #6
trojanertoni
 
Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Vielen Dank! Die Logs sind wohl zu lange, und irgendwie hängt sich der PC beim Archive-Machen auf, ich teile den Beitrag jetzt also ausnahmsweise mal in 2. Hoffe, das ist ok!

Die mbam.txt:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 16.04.2014
Suchlauf-Zeit: 15:40:04
Logdatei: mbam right.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.16.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Toni

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320004
Verstrichene Zeit: 58 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 8
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [9c645fa17f81b44cab570c8633d016ea], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [fe02867aee1247b9d20c1257e61c8878], 
PUP.Optional.SmartBar, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarBackup, In Quarantäne, [ed131ae6f60ad32d0f89b5f58d7647b9], 
PUP.Optional.SmartBar, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmartbarLog, In Quarantäne, [1ae639c7e818f50b2b6c2387c63df808], 
PUP.Optional.Lyrics.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SuperLyrics-16, In Quarantäne, [ed134bb5d12fae529d079fccfe04be42], 
PUP.Optional.Feven.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Feven, In Quarantäne, [936db8489868d22ee07be9b7bc4757a9], 
PUP.Optional.Lyrics.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\PassWizard, In Quarantäne, [b44c7c84b24ed0301c552b70c2419e62], 
PUP.Optional.SuperLyrics.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SuperLyrics-16, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0C1K1O2X1H1Q1KtF1FtG1O, In Quarantäne, [9c645fa17f81b44cab570c8633d016ea]

Registrierungsdaten: 7
PUP.Optional.Conduit.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP50F5CAE3-AA79-4F90-9244-0500FEC0D980&SSPV=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP50F5CAE3-AA79-4F90-9244-0500FEC0D980&SSPV=),Ersetzt,[0ff1aa5688781fe15a2e9a8107fd34cc]
PUP.Optional.Snapdo, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=hp&installDate={installDate}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=hp&installDate={installDate}),Ersetzt,[f20eeb1535cbbe42424f978db05434cc]
PUP.Optional.Snapdo, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}),Ersetzt,[857b3dc3b54b11efa9e7de46d72d7b85]
PUP.Optional.Snapdo, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}),Ersetzt,[a25e13edcb35966ad0bf1311fa0a669a]
PUP.Optional.Snapdo, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}),Ersetzt,[3ec2cd338d739769c4ceac78ea1ae41c]
PUP.Optional.Snapdo, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}),Ersetzt,[936d1fe1eb1538c8246fa0842ed63ac6]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1437298276-3645973725-722044047-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&q={searchTerms}&installDate={installDate}),Ersetzt,[46ba90700000be426dbb57c460a4a25e]

Ordner: 46
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\components, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.OpenCandy, C:\Users\Toni\AppData\Roaming\OpenCandy, In Quarantäne, [5fa116ea38c858a876924e0f966c40c0], 
PUP.Optional.OpenCandy, C:\Users\Toni\AppData\Roaming\OpenCandy\OpenCandy_13DA043A7C264CBF8622166651D0F496, In Quarantäne, [5fa116ea38c858a876924e0f966c40c0], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\defaults, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\defaults\preferences, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\locale, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\locale\en-US, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\defaults, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\defaults\preferences, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\userCode, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\locale, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\locale\en-US, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_incpbbmbclbkhjphicahojidkcabaajc_0, In Quarantäne, [f60a639dd42c68988f3dbbaa07fb44bc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\userCode, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons\actions, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\popupResource, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 

Dateien: 397
PUP.Optional.Conduit.A, C:\Users\Toni\AppData\Local\Temp\SPSetup.exe, In Quarantäne, [8779d927a85842be96478b8ddb26fc04], 
PUP.Optional.SearchProtect.A, C:\Users\Toni\AppData\Local\Temp\nsxF251.exe, In Quarantäne, [5aa61fe131cfe719549a65be0ef34ab6], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsgBB8A.exe, In Quarantäne, [f50b02fe7a867e8299555cc73ac703fd], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nslCE40.exe, In Quarantäne, [13edd52b2cd4b050638b54cf6d9420e0], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsq1033.exe, In Quarantäne, [88787888dd234bb5c82626fd0cf51ce4], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsqD255.exe, In Quarantäne, [60a0cc34ec148a7621cdd54e56ab8b75], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsqE452.exe, In Quarantäne, [fd03c13ff30d877921cd47dc4bb6fe02], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsqE453.exe, In Quarantäne, [9f611be57d83718fa44a0e156998d62a], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nst52C5.exe, In Quarantäne, [ef11817f06fa4ab611dd9e852ad75ca4], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsvB7F1.exe, In Quarantäne, [847cde22c63ae917a34be0436c95956b], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsw2E2F.exe, In Quarantäne, [ca369070e21e3bc52bc36bb8d928ba46], 
PUP.Optional.SearchProtect.A, C:\Windows\temp\nsyAA09.exe, In Quarantäne, [bd4334ccf10feb15b93577ac837e0df3], 
PUP.Optional.BundleInstaller.A, C:\Users\Same\Downloads\Setup (1).exe, In Quarantäne, [13edad533cc497690ef265bfa15f12ee], 
PUP.Optional.Firseria, C:\Users\Same\Downloads\Setup (2).exe, In Quarantäne, [a759e917b24ec7394f8cde6bcd377d83], 
PUP.Optional.BundleInstaller.A, C:\Users\Same\Downloads\Setup.exe, In Quarantäne, [867ac838619f5ca4b34d47dd20e00ef2], 
PUP.Optional.DomaIQ, C:\Users\Same\Downloads\Java (1).exe, In Quarantäne, [5ca47789d927a45ce86566bae021e31d], 
PUP.Optional.DomaIQ, C:\Users\Same\Downloads\Java (2).exe, In Quarantäne, [af51ab5517e9cd3379d42000e918b34d], 
PUP.Optional.DomaIQ, C:\Users\Same\Downloads\Java (3).exe, In Quarantäne, [5ea2f10fc63a19e74508061af011e11f], 
PUP.Optional.DomaIQ, C:\Users\Same\Downloads\Java.exe, In Quarantäne, [669a8f7127d9c7390746f42c7f82629e], 
PUP.Optional.InstalleRex, C:\Users\Toni\Downloads\Download.exe, In Quarantäne, [0af602feb05027d9dbaca192ba47fd03], 
PUP.Optional.Softonic.A, C:\Users\Toni\Downloads\SoftonicDownloader_fuer_hijackthis.exe, In Quarantäne, [0cf450b025db1ee2f9a71604e1206997], 
PUP.Optional.Feven.A, C:\Users\Same\AppData\Local\Feven 1.5-BrowserExtensionUninstall\Feven 1.5-chromeinstaller.exe, In Quarantäne, [ea16f60add235ea204e9a69dc93841bf], 
PUP.Optional.Feven.A, C:\Users\Same\AppData\Local\Feven 1.5-BrowserExtensionUninstall\Feven 1.5-firefoxinstaller.exe, In Quarantäne, [1ee2837d52ae0000816c1a292fd2a060], 
PUP.Optional.Feven.A, C:\Users\Same\AppData\Local\Feven 1.5-BrowserExtensionUninstall\utils.exe, In Quarantäne, [827e649c748cdb258257e25d6a96867a], 
PUP.Optional.TubeSing.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\utils.exe, In Quarantäne, [60a0dc24a45c11ef714346e160a1be42], 
Malware.Gen, C:\Users\Toni\Desktop\Desktop\nvivo 7\Keygen.exe, In Quarantäne, [b64a60a055ab60a0357aaba4c739936d], 
Malware.Gen, C:\Users\Toni\Desktop\Desktop\nvivo 7\qsrnvivov7.0.281.0sp4keygenhaze.zip, In Quarantäne, [5ea2ba4644bc6b956b444f008b7552ae], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_incpbbmbclbkhjphicahojidkcabaajc_0.localstorage, In Quarantäne, [2dd3e51b867a8878c2d75a11738fb050], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_incpbbmbclbkhjphicahojidkcabaajc_0.localstorage-journal, In Quarantäne, [9b65d22ee41c77898e0beb803ec49c64], 
PUP.Optional.WebSearch.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\searchplugins\Web Search.xml, In Quarantäne, [ac546a96ee122cd46b152d445aa8d12f], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote.xml, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\accelerate, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg_list.xml, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\337.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\barbie.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\facebook.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\GameCenter.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\google.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\mario.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\twitter.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\v9.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Desk 365\promote\youtube.ico, In Quarantäne, [639d1ae69a6637c9e7e4fa95748f15eb], 
PUP.Optional.Desk365.A, C:\Users\Same\AppData\Roaming\Microsoft\Windows\SendTo\Desk 365.lnk, In Quarantäne, [857bbc44a858c43cc819712712f148b8], 
PUP.Optional.SuperLyrics.A, C:\Windows\Tasks\SuperLyrics-16-chromeinstaller.job, In Quarantäne, [cc34ce328c74a35d97471b7e37cc2dd3], 
PUP.Optional.SuperLyrics.A, C:\Windows\Tasks\SuperLyrics-16-firefoxinstaller.job, In Quarantäne, [cd33817fa8580ef2538b05948083ea16], 
PUP.Optional.Feven.A, C:\Windows\Tasks\Feven 1.5-chromeinstaller.job, In Quarantäne, [22def20eb64aee124514bfe116ed857b], 
PUP.Optional.Feven.A, C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job, In Quarantäne, [619f45bb60a0a0606aef9a06a45f0df3], 
PUP.Optional.OpenCandy, C:\Users\Toni\AppData\Roaming\OpenCandy\OpenCandy_13DA043A7C264CBF8622166651D0F496\1600.ico, In Quarantäne, [5fa116ea38c858a876924e0f966c40c0], 
PUP.Optional.OpenCandy, C:\Users\Toni\AppData\Roaming\OpenCandy\OpenCandy_13DA043A7C264CBF8622166651D0F496\PCBeschleunigen.exe, In Quarantäne, [5fa116ea38c858a876924e0f966c40c0], 
PUP.Optional.OpenCandy, C:\Users\Toni\AppData\Roaming\OpenCandy\OpenCandy_13DA043A7C264CBF8622166651D0F496\SpeedstarterDE.exe, In Quarantäne, [5fa116ea38c858a876924e0f966c40c0], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome.manifest, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\install.rdf, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\background.html, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\baseObject.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\browser.xul, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\dialog.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\main.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\options.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\options.xul, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\search_dialog.xul, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\asyncDB.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\background.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\browserAction.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\contextMenu.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\dbManager.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\dom_bg.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\fileManager.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefox.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefoxNotifications.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefoxOmnibox.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\message.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\pageAction.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\request.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\tabs.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\webRequest.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\console.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\consts.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\delegate.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\extensionDataStore.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\folderIOWrapper.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\httpObserver.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\IDBWrapper.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\installer.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\logFile.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\prefs.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\progressListenerObserver.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\registry.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\reloadObserver.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\reports.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\requestObject.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\searchSettings.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\uninstallObserver.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\updateManager.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\utils.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\xhr.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\defaults\preferences\prefs.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\manifest.xml, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins.json, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\138_getdeal_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\101_cortica_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\102_dealply_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\103_intext_5_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\104_jollywallet_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\105_corticas_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\107_coupish_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\108_icm_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\116_ads_only_5_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\117_coupons_intext_ads_5_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\119_similar_web_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\120_luck_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\170_icm1_5_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\171_arcadi2_sourceID_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\175_coolmirage_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\17_jQuery.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\1_base.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\21_debug.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\22_resources.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\28_initializer.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\47_resources_background.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\4_jquery_1_7_1.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\64_appApiMessage.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\123_intext_adv_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\125_arcadi2_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\126_revizer_ws_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\127_revizer_p_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\128_superfish_pricora_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\129_widdit_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\135_arcadi3_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\72_appApiValidation.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\78_CrossriderInfo.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\7_hooks.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\87_ginyas_wrapper.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\91_monetizationLoader.js.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\92_superfish_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\93_superfish_no_coupons_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\98_omniCommands.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\9_search_engine_hook.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\13_CrossriderAppUtils.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\141_corticas_ru_m.js.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\142_intext_fa_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\14_CrossriderUtils.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\155_ibario_pops_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\159_cortica_rollover_m.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\16_FFAppAPIWrapper.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode\background.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode\extension.js, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\locale\en-US\translations.dtd, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button1.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button2.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button3.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button4.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button5.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\crossrider_statusbar.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon128.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon16.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon24.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon48.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\panelarrow-up.png, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\popup.html, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\skin.css, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\update.css, In Quarantäne, [a45c49b7c0404cb4f7e80a58b44efa06], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome.manifest, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\install.rdf, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\background.html, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\baseObject.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\browser.xul, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\dialog.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\main.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\options.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\options.xul, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\search_dialog.xul, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\asyncDB.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\background.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\browserAction.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\contextMenu.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\dbManager.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\dom_bg.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\fileManager.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\firefox.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\firefoxNotifications.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\firefoxOmnibox.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\message.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\pageAction.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\request.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\tabs.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\api\webRequest.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\console.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\consts.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\delegate.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\extensionDataStore.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\folderIOWrapper.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\httpObserver.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\IDBWrapper.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\installer.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\logFile.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\prefs.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\progressListenerObserver.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\registry.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\reloadObserver.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\reports.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\requestObject.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\searchSettings.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\uninstallObserver.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\updateManager.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\utils.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\chrome\content\core\xhr.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\defaults\preferences\prefs.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\manifest.xml, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins.json, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\101_cortica_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\102_dealply_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\103_intext_5_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\104_jollywallet_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\105_corticas_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\107_coupish_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\108_icm_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\116_ads_only_5_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\117_coupons_intext_ads_5_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\119_similar_web_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\120_luck_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\16_FFAppAPIWrapper.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\170_icm1_5_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\171_arcadi2_sourceID_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\175_coolmirage_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\17_jQuery.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\1_base.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\21_debug.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\22_resources.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\28_initializer.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\47_resources_background.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\4_jquery_1_7_1.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\64_appApiMessage.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\123_intext_adv_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\125_arcadi2_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\126_revizer_ws_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\127_revizer_p_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\128_superfish_pricora_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\129_widdit_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\135_arcadi3_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\138_getdeal_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\72_appApiValidation.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\78_CrossriderInfo.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\7_hooks.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\87_ginyas_wrapper.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\91_monetizationLoader.js.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\92_superfish_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\93_superfish_no_coupons_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\98_omniCommands.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\9_search_engine_hook.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\13_CrossriderAppUtils.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\141_corticas_ru_m.js.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\142_intext_fa_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\14_CrossriderUtils.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\155_ibario_pops_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\plugins\159_cortica_rollover_m.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\userCode\background.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\extensionData\userCode\extension.js, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\locale\en-US\translations.dtd, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\button1.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\button2.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\button3.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\button4.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\button5.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\crossrider_statusbar.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\icon128.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\icon16.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\icon24.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\icon48.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\panelarrow-up.png, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\popup.html, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\skin.css, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\extensions\58ad0086-1cfb-48bb-8ad2-33a8905572bc@5715d2be-69b9-4930-8f7e-64bdeb961cfd.com\skin\update.css, In Quarantäne, [7888e02040c0ba469b44d19135cd5ca4], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_incpbbmbclbkhjphicahojidkcabaajc_0\3, In Quarantäne, [f60a639dd42c68988f3dbbaa07fb44bc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\background.html, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\crossriderManifest.json, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\manifest.json, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\popup.html, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\manifest.xml, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins.json, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\21_debug.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\101_cortica_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\102_dealply_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\103_intext_5_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\104_jollywallet_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\105_corticas_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\107_coupish_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\108_icm_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\116_ads_only_5_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\117_coupons_intext_ads_5_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\119_similar_web_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\120_luck_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\123_intext_adv_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\125_arcadi2_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\126_revizer_ws_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\127_revizer_p_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\128_superfish_pricora_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\129_widdit_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\135_arcadi3_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\138_getdeal_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\13_CrossriderAppUtils.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\141_corticas_ru_m.js.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\142_intext_fa_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\14_CrossriderUtils.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\155_ibario_pops_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\159_cortica_rollover_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\170_icm1_5_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\171_arcadi2_sourceID_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\175_coolmirage_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\178_revizer_ws_dynamic_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\179_revizer_p_dynamic_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\17_jQuery.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\19_CHAppAPIWrapper.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\1_base.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\22_resources.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\28_initializer.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\47_resources_background.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\4_jquery_1_7_1.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\64_appApiMessage.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\72_appApiValidation.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\78_CrossriderInfo.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\7_hooks.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\80_CHPopupAppAPI.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\87_ginyas_wrapper.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\91_monetizationLoader.js.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\92_superfish_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\93_superfish_no_coupons_m.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\97_resourceApiWrapper.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\plugins\9_search_engine_hook.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\userCode\background.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\extensionData\userCode\extension.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons\icon128.png, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons\icon16.png, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons\icon48.png, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\icons\actions\1.png, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\background.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\main.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api\chrome.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api\cookie.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api\message.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api\pageAction.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\api\pageActionBG.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\app_api.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\bg_app_api.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\consts.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\cookie_store.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\crossriderAPI.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\delegate.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\events.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\extensionDataStore.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\installer.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\logFile.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\logging.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\reports.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\storageWrapper.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\updateManager.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\util.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\xhr.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\popupResource\newPopup.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.18_0\js\lib\popupResource\popup.js, In Quarantäne, [e51b7c8443bd60a03b97a5c0a55d817f], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\000171.sst, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\000176.sst, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\000179.sst, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\000180.log, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\CURRENT, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\LOCK, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\LOG, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\LOG.old, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\incpbbmbclbkhjphicahojidkcabaajc\MANIFEST-000178, In Quarantäne, [be4238c87888c53b9d3c98cdf80a04fc], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\44162.crx, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\44162.xpi, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\Installer.log, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\SuperLyrics-16-chromeinstaller.exe, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\SuperLyrics-16-firefoxinstaller.exe, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SuperLyrics.A, C:\Users\Same\AppData\Local\SuperLyrics-16-BrowserExtensionUninstall\Uninstall.exe, In Quarantäne, [1ce40af64eb20df3fe04bcaa3ec440c0], 
PUP.Optional.SnapDo.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=nt&installDate={installDate}");), Ersetzt,[41bf956b2cd4b14f1dc4be91b74d37c9]
PUP.Optional.SnapDo.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=ds&installDate={installDate}&q=");), Ersetzt,[cf31a957c53bfc04d2100c43b94bbb45]
PUP.Optional.CrossRider.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "141cfa9bafd7a31fc4d6db4148ae0da2");), Ersetzt,[eb15bd43ca3607f92ebb3619c34134cc]
PUP.Optional.Snapdo.A, C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=hp&installDate={installDate}");), Ersetzt,[c9378c7415eb5ea21023480828dca45c]
PUP.Optional.Snapdo.A, C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (      "startup_urls": [ "hxxp://www.google.com/", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=14cd5bce-ca82-dc68-f5d6-30b69613d004&searchtype=hp&installDate={installDate}", "hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP" ],), Ersetzt,[6d93c739738d22de2f9c064aa55f9e62]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Adwcleaner[.txt:
Code:
ATTFilter
# AdwCleaner v3.100 - Bericht erstellt am 20/04/2014 um 20:40:38
# Aktualisiert 20/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Toni - TONI-HP
# Gestartet von : C:\Users\Toni\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Program Files (x86)\yourfiledownloader
Ordner Gelöscht : C:\Windows\Uninstaller
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Toni\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Toni\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Toni\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Toni\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Toni\AppData\Roaming\yourfiledownloader
Ordner Gelöscht : C:\Users\Same\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
Datei Gelöscht : C:\Users\Same\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Same\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Datei Gelöscht : C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_klebezettel-ng_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_klebezettel-ng_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\YourFileDownloader
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\54ueq59q.default-1392319113432\prefs.js ]


[ Datei : C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");

-\\ Google Chrome v

[ Datei : C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [6746 octets] - [20/04/2014 20:39:23]
AdwCleaner[S0].txt - [5966 octets] - [20/04/2014 20:40:38]
         

Geändert von trojanertoni (20.04.2014 um 23:11 Uhr) Grund: Doppelt

Alt 20.04.2014, 23:09   #7
trojanertoni
 
Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Zweiter Teil!

JRT:
Code:
ATTFilter
# AdwCleaner v3.100 - Bericht erstellt am 20/04/2014 um 20:40:38
# Aktualisiert 20/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Toni - TONI-HP
# Gestartet von : C:\Users\Toni\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\DAEMON Tools Toolbar
Ordner Gelöscht : C:\Program Files (x86)\yourfiledownloader
Ordner Gelöscht : C:\Windows\Uninstaller
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Toni\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Toni\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Toni\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Toni\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Toni\AppData\Roaming\yourfiledownloader
Ordner Gelöscht : C:\Users\Same\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
Datei Gelöscht : C:\Users\Same\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Same\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Datei Gelöscht : C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_klebezettel-ng_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_klebezettel-ng_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\YourFileDownloader
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\54ueq59q.default-1392319113432\prefs.js ]


[ Datei : C:\Users\Same\AppData\Roaming\Mozilla\Firefox\Profiles\1vrvnr5l.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.selectedEngine", "Web Search");

-\\ Google Chrome v

[ Datei : C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Same\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [6746 octets] - [20/04/2014 20:39:23]
AdwCleaner[S0].txt - [5966 octets] - [20/04/2014 20:40:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6026 octets] ##########
         
Neue FRST.txt:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2014 02
Ran by Toni (administrator) on TONI-HP on 21-04-2014 00:00:07
Running from C:\Users\Toni\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(O&O Software GmbH) C:\Program Files\OO Software\DriveLED\oodlag.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\system32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Mekentosj BV) C:\Program Files (x86)\Mekentosj\Papers\Citations.exe
(Dropbox, Inc.) C:\Users\Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files (x86)\Besta\PSH2.0\PSH2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(RealNetworks, Inc.) c:\program files (x86)\real\realplayer\RealPlay.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-09-07] (Alcor Micro Corp.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-27] (Intel Corporation)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-24] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-24] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ServiceHome] => C:\Program Files (x86)\Besta\PSH2.0\PSH2.exe [3067904 2010-08-20] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-11-13] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-25] (Easybits)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [F.lux] => C:\Users\Toni\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [Citations] => C:\Program Files (x86)\Mekentosj\Papers\Citations.exe [664064 2013-03-12] (Mekentosj BV)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {3A39D5F3-635C-44AB-A170-7EB25B6239D7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {99E87C1F-BC2F-42C6-9B24-5B9FA12E628F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {3A39D5F3-635C-44AB-A170-7EB25B6239D7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - E69BCC8206984B329D06D7635D8406BF URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100489&mntrId=e8c86a190000000000000026c7a85423
SearchScopes: HKCU - {3A39D5F3-635C-44AB-A170-7EB25B6239D7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {750CF89F-CA32-4255-9B2D-786E9F5C1E49} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: EgisPBIE Class - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: EgisPBIE Class - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{30B2CFE4-82E7-44F2-ABFF-E00AF5D91C19}: [NameServer]0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\54ueq59q.default-1392319113432
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @sun.com/npsopluginmi;version=1.0 - C:\Program Files (x86)\OpenOffice.org 3\program ()
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Bitdefender QuickScan - C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\54ueq59q.default-1392319113432\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-04-15]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt
FF Extension: SimplePass Online Accounts Extension  - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt [2010-10-08]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-06]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

Chrome: 
=======
CHR HomePage: hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
CHR Plugin: (Shockwave Flash) - C:\Users\Toni\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Toni\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Toni\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
CHR Plugin: (Google Update) - C:\Users\Toni\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (RealDownloader) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-17]
CHR Extension: (NCapture) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgomjifbpjfhpodjhihemafahhmegbek [2013-04-13]
CHR Extension: (Skype Click to Call) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-07-15]
CHR Extension: (Google Wallet) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-17]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-06-22]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 EgisTec Service; C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [697712 2010-06-08] (Egis Technology Inc. )
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 O&O DriveLED; C:\Program Files\OO Software\DriveLED\oodlag.exe [610048 2009-09-28] (O&O Software GmbH)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S2 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-06] (DT Soft Ltd)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R0 OODrvled; C:\Windows\System32\DRIVERS\OODrvled.sys [30216 2009-09-28] (O&O Software GmbH)
R2 ProtectorA; C:\Windows\system32\drivers\ProtectorA.sys [22672 2012-01-11] (www.ISRA.org.cn)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Toni\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 iscFlash; \??\C:\Users\Toni\AppData\Local\Temp\iscflashx64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-21 00:00 - 2014-04-21 00:00 - 00000000 ____D () C:\Users\Toni\Downloads\FRST-OlderVersion
2014-04-20 21:26 - 2014-04-20 21:26 - 00001062 _____ () C:\Users\Toni\Desktop\JRT.txt
2014-04-20 21:21 - 2014-04-20 21:21 - 00005037 _____ () C:\Users\Toni\Desktop\mbam.txt
2014-04-20 21:04 - 2014-04-20 21:04 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 20:59 - 2014-04-20 20:59 - 00006118 _____ () C:\Users\Toni\Desktop\AdwCleaner[S0].txt
2014-04-20 20:39 - 2014-04-20 20:41 - 00000000 ____D () C:\AdwCleaner
2014-04-20 20:37 - 2014-04-20 20:38 - 01308369 _____ () C:\Users\Toni\Downloads\adwcleaner.exe
2014-04-20 20:36 - 2014-04-20 20:36 - 00003606 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Toni
2014-04-20 20:35 - 2014-04-20 20:46 - 00000372 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Toni.job
2014-04-20 20:35 - 2014-04-20 20:43 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Toni.job
2014-04-20 20:35 - 2014-04-20 20:43 - 00000362 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Toni.job
2014-04-20 20:35 - 2014-04-20 20:36 - 00002956 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Toni
2014-04-20 20:35 - 2014-04-20 20:36 - 00002952 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Toni
2014-04-20 20:35 - 2014-04-20 20:36 - 00002660 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Toni
2014-04-20 15:18 - 2014-04-20 15:32 - 00771752 _____ () C:\Windows\Minidump\042014-168449-01.dmp
2014-04-16 22:00 - 2014-04-16 22:00 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files\iTunes
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files\iPod
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-16 21:48 - 2014-04-16 21:48 - 00001805 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-04-16 21:47 - 2014-04-16 21:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-16 14:39 - 2014-04-20 21:43 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 14:19 - 2014-04-16 14:20 - 01016261 _____ (Thisisu) C:\Users\Toni\Downloads\JRT.exe
2014-04-16 14:19 - 2014-04-16 14:19 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-16 14:18 - 2014-04-16 14:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-16 14:18 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-16 14:18 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-16 14:17 - 2014-04-16 14:17 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Toni\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 14:16 - 2014-04-21 00:00 - 00000000 ____D () C:\FRST
2014-04-15 14:16 - 2014-04-21 00:00 - 00000000 _____ () C:\Users\Toni\Downloads\FRST.txt
2014-04-15 14:16 - 2014-04-15 14:17 - 00051589 _____ () C:\Users\Toni\Downloads\Addition.txt
2014-04-15 14:15 - 2014-04-21 00:00 - 02056704 _____ (Farbar) C:\Users\Toni\Downloads\FRST64.exe
2014-04-14 22:30 - 2014-04-14 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-07 21:57 - 2014-04-07 21:57 - 00000364 _____ () C:\Users\Toni\Downloads\swisscom_internet_access.txt
2014-03-27 18:53 - 2014-03-28 10:50 - 00001006 _____ () C:\Users\Toni\Downloads\Lab 4.do
2014-03-24 08:11 - 2014-03-24 08:11 - 00000227 _____ () C:\Users\Toni\Downloads\Lab 3.do
2014-03-24 07:40 - 2014-03-24 07:40 - 00002922 _____ () C:\Users\Toni\Downloads\Lab3_States.dta

==================== One Month Modified Files and Folders =======

2014-04-21 00:00 - 2014-04-21 00:00 - 00000000 ____D () C:\Users\Toni\Downloads\FRST-OlderVersion
2014-04-21 00:00 - 2014-04-15 14:16 - 00000000 ____D () C:\FRST
2014-04-21 00:00 - 2014-04-15 14:16 - 00000000 _____ () C:\Users\Toni\Downloads\FRST.txt
2014-04-21 00:00 - 2014-04-15 14:15 - 02056704 _____ (Farbar) C:\Users\Toni\Downloads\FRST64.exe
2014-04-20 23:58 - 2013-09-01 17:48 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1437298276-3645973725-722044047-1006UA.job
2014-04-20 23:44 - 2012-11-23 17:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-20 23:44 - 2012-01-26 22:40 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\Dropbox
2014-04-20 23:44 - 2011-03-01 19:30 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\Skype
2014-04-20 23:38 - 2012-01-26 22:41 - 00000000 ___RD () C:\Users\Toni\Dropbox
2014-04-20 22:16 - 2009-07-14 04:34 - 00423303 _____ () C:\Windows\win.ini
2014-04-20 21:43 - 2014-04-16 14:39 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 21:38 - 2010-10-08 19:31 - 01656505 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 21:26 - 2014-04-20 21:26 - 00001062 _____ () C:\Users\Toni\Desktop\JRT.txt
2014-04-20 21:21 - 2014-04-20 21:21 - 00005037 _____ () C:\Users\Toni\Desktop\mbam.txt
2014-04-20 21:08 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-20 21:08 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 21:04 - 2014-04-20 21:04 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 20:59 - 2014-04-20 20:59 - 00006118 _____ () C:\Users\Toni\Desktop\AdwCleaner[S0].txt
2014-04-20 20:52 - 2010-07-23 20:10 - 23530122 _____ () C:\Windows\system32\perfh007.dat
2014-04-20 20:52 - 2010-07-23 20:10 - 07650412 _____ () C:\Windows\system32\perfc007.dat
2014-04-20 20:52 - 2009-07-14 07:13 - 00006488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 20:46 - 2014-04-20 20:35 - 00000372 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Toni.job
2014-04-20 20:43 - 2014-04-20 20:35 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Toni.job
2014-04-20 20:43 - 2014-04-20 20:35 - 00000362 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Toni.job
2014-04-20 20:43 - 2014-01-13 18:13 - 00003211 _____ () C:\Windows\setupact.log
2014-04-20 20:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 20:42 - 2010-10-08 19:40 - 00721486 _____ () C:\Windows\PFRO.log
2014-04-20 20:41 - 2014-04-20 20:39 - 00000000 ____D () C:\AdwCleaner
2014-04-20 20:40 - 2013-08-24 18:25 - 00000000 ___RD () C:\Users\Same\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-20 20:38 - 2014-04-20 20:37 - 01308369 _____ () C:\Users\Toni\Downloads\adwcleaner.exe
2014-04-20 20:36 - 2014-04-20 20:36 - 00003606 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Toni
2014-04-20 20:36 - 2014-04-20 20:35 - 00002956 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Toni
2014-04-20 20:36 - 2014-04-20 20:35 - 00002952 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Toni
2014-04-20 20:36 - 2014-04-20 20:35 - 00002660 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Toni
2014-04-20 15:32 - 2014-04-20 15:18 - 00771752 _____ () C:\Windows\Minidump\042014-168449-01.dmp
2014-04-20 15:32 - 2011-03-02 15:19 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{33F05840-799A-45B7-A3DC-FC5A62EDCA7E}
2014-04-20 15:18 - 2011-07-12 20:17 - 00000000 ____D () C:\Windows\Minidump
2014-04-16 23:23 - 2011-12-22 06:51 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-16 22:00 - 2014-04-16 22:00 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files\iTunes
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files\iPod
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-16 21:55 - 2011-03-04 08:10 - 00000000 ____D () C:\ProgramData\Apple
2014-04-16 21:48 - 2014-04-16 21:48 - 00001805 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-04-16 21:48 - 2014-04-16 21:47 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-16 16:33 - 2010-10-08 19:38 - 00000000 ____D () C:\Windows\HPQ
2014-04-16 15:40 - 2013-10-21 15:04 - 00000000 ____D () C:\Users\Same\AppData\Local\Feven 1.5-BrowserExtensionUninstall
2014-04-16 14:21 - 2012-02-06 00:40 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\Malwarebytes
2014-04-16 14:21 - 2012-02-06 00:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-16 14:20 - 2014-04-16 14:19 - 01016261 _____ (Thisisu) C:\Users\Toni\Downloads\JRT.exe
2014-04-16 14:19 - 2014-04-16 14:19 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-16 14:18 - 2014-04-16 14:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-16 14:17 - 2014-04-16 14:17 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Toni\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-16 12:59 - 2013-09-01 17:48 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1437298276-3645973725-722044047-1006Core.job
2014-04-15 14:46 - 2011-07-16 11:00 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\QuickScan
2014-04-15 14:17 - 2014-04-15 14:16 - 00051589 _____ () C:\Users\Toni\Downloads\Addition.txt
2014-04-14 22:30 - 2014-04-14 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-14 09:00 - 2014-01-23 23:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-14 09:00 - 2014-01-23 23:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-14 09:00 - 2013-08-24 18:25 - 00000000 ____D () C:\Users\Same
2014-04-14 09:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-13 23:15 - 2011-03-01 18:37 - 00000000 ____D () C:\Users\Toni
2014-04-07 21:57 - 2014-04-07 21:57 - 00000364 _____ () C:\Users\Toni\Downloads\swisscom_internet_access.txt
2014-04-03 09:51 - 2014-04-16 14:18 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-16 14:18 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2012-02-06 00:40 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-28 10:50 - 2014-03-27 18:53 - 00001006 _____ () C:\Users\Toni\Downloads\Lab 4.do
2014-03-28 10:02 - 2011-03-01 19:21 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\vlc
2014-03-27 03:01 - 2011-06-02 22:08 - 00000000 ____D () C:\Users\Toni\Documents\My Library
2014-03-24 08:11 - 2014-03-24 08:11 - 00000227 _____ () C:\Users\Toni\Downloads\Lab 3.do
2014-03-24 07:40 - 2014-03-24 07:40 - 00002922 _____ () C:\Users\Toni\Downloads\Lab3_States.dta
2014-03-23 00:42 - 2013-07-21 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-23 00:40 - 2011-04-08 22:22 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-22 11:36 - 2013-02-27 23:15 - 00000000 ____D () C:\Windows\rescache
2014-03-22 11:35 - 2011-03-06 19:09 - 00000000 ____D () C:\Windows\System32\Tasks\Games

Some content of TEMP:
====================
C:\Users\Toni\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Toni\AppData\Local\Temp\htmlayout.dll
C:\Users\Toni\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Toni\AppData\Local\Temp\Quarantine.exe
C:\Users\Toni\AppData\Local\Temp\uninstall10646319.exe
C:\Users\Toni\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Toni\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-20 22:09

==================== End Of Log ============================
         
--- --- ---


Nochmal vielen Dank, und frohe Ostern!

trojanertoni

Alt 21.04.2014, 20:32   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.04.2014, 16:12   #9
trojanertoni
 
Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Danke! Sorry für die lange Zeit, zwischendurch wollte er nicht mehr hochfahren. Keine Ahnung, was los ist/war.

ESET logfile:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6de02d1dbf7062439887b9e8d7f3d34b
# engine=18063
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-28 09:04:34
# local_time=2014-04-28 11:04:34 (+0100, Mitteleuropäische Sommerzeit   )
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 8390198 150348924 0 0
# scanned=350544
# found=7
# cleaned=0
# scan_time=8279
sh=9B1B80BFC3D37A62A107DDD9B61C377DD26D0146 ft=0 fh=0000000000000000 vn="Variante von Java/Exploit.CVE-2011-3544.AV Trojaner" ac=I fn="C:\Users\Toni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\14710b4b-56a104be"
sh=D9C29C989246597790625A885CB9EBCA6F0A36F4 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-1723.E Trojaner" ac=I fn="C:\Users\Toni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\1ffd071a-356b035c"
sh=076235DD75DB0D5DC4739C79B034D682E5308370 ft=0 fh=0000000000000000 vn="Variante von Java/Exploit.CVE-2012-4681.CU Trojaner" ac=I fn="C:\Users\Toni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\4492f52c-31b47025"
sh=076235DD75DB0D5DC4739C79B034D682E5308370 ft=0 fh=0000000000000000 vn="Variante von Java/Exploit.CVE-2012-4681.CU Trojaner" ac=I fn="C:\Users\Toni\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\4492f52c-73ee28c2"
sh=2A4FDFF4BA2CB74DFCB7C087E2FF7DEA131A60D0 ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.AADO Trojaner" ac=I fn="C:\Users\Toni\Documents\OTL\_OTL.zip"
sh=F7CCA2F3B77A6F02A0647D76E8FFCB015E8087CC ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.AADO Trojaner" ac=I fn="C:\_OTL\MovedFiles.zip"
sh=2678838E2E5FA32965F9E828A0D8FF365D874CAA ft=0 fh=0000000000000000 vn="Variante von Generik.LERQPFC Trojaner" ac=I fn="G:\Tests\Windows\800test.coms_5_Verbal_tests.zip"
         
Security Check:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
  (On Access scanning disabled!) 
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 24  
 Java(TM) 6 Update 22  
 Java 7 Update 51  
 Java version out of Date! 
 Adobe Flash Player 13.0.0.206  
 Mozilla Firefox (28.0) 
 Mozilla Thunderbird (3.1.10) Thunderbird out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Neue FRST:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014
Ran by Toni (administrator) on TONI-HP on 29-04-2014 17:10:56
Running from C:\Users\Toni\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(O&O Software GmbH) C:\Program Files\OO Software\DriveLED\oodlag.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Mekentosj BV) C:\Program Files (x86)\Mekentosj\Papers\Citations.exe
(Dropbox, Inc.) C:\Users\Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
() C:\Program Files (x86)\Besta\PSH2.0\PSH2.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(RealNetworks, Inc.) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
() C:\Users\Toni\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) c:\program files (x86)\real\realplayer\update\realsched.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-09-07] (Alcor Micro Corp.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-27] (Intel Corporation)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-24] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-24] (Egis Technology Inc.)
HKLM-x32\...\Run: [ServiceHome] => C:\Program Files (x86)\Besta\PSH2.0\PSH2.exe [3067904 2010-08-20] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-25] (Easybits)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\update\realsched.exe [296520 2014-04-29] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [Citations] => C:\Program Files (x86)\Mekentosj\Papers\Citations.exe [664064 2013-03-12] (Mekentosj BV)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1437298276-3645973725-722044047-1001\...\Policies\system: [DisableChangePassword] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Toni\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Toni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {3A39D5F3-635C-44AB-A170-7EB25B6239D7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {99E87C1F-BC2F-42C6-9B24-5B9FA12E628F} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {3A39D5F3-635C-44AB-A170-7EB25B6239D7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - E69BCC8206984B329D06D7635D8406BF URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100489&mntrId=e8c86a190000000000000026c7a85423
SearchScopes: HKCU - {3A39D5F3-635C-44AB-A170-7EB25B6239D7} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {750CF89F-CA32-4255-9B2D-786E9F5C1E49} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: EgisPBIE Class - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\x64\EgisPBIE.dll (Egis Technology Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: EgisPBIE Class - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.48.1
Tcpip\..\Interfaces\{30B2CFE4-82E7-44F2-ABFF-E00AF5D91C19}: [NameServer]0.0.0.0

FireFox:
========
FF ProfilePath: C:\Users\Toni\AppData\Roaming\Mozilla\Firefox\Profiles\yujefysg.default-1398032586799
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @sun.com/npsopluginmi;version=1.0 - C:\Program Files (x86)\OpenOffice.org 3\program ()
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt
FF Extension: SimplePass Online Accounts Extension  - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt [2010-10-08]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-06]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-01]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-29]
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

Chrome: 
=======
CHR HomePage: hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
CHR Plugin: (Shockwave Flash) - C:\Users\Toni\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Toni\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Toni\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
CHR Plugin: (Google Update) - C:\Users\Toni\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (RealDownloader) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-17]
CHR Extension: (NCapture) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgomjifbpjfhpodjhihemafahhmegbek [2013-04-13]
CHR Extension: (Skype Click to Call) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-07-15]
CHR Extension: (Google Wallet) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-17]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-06-22]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Toni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 EgisTec Service; C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [697712 2010-06-08] (Egis Technology Inc. )
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 O&O DriveLED; C:\Program Files\OO Software\DriveLED\oodlag.exe [610048 2009-09-28] (O&O Software GmbH)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-04-29] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] ()
S2 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-06] (DT Soft Ltd)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [20056 2009-11-11] (DeviceVM, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-28] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R0 OODrvled; C:\Windows\System32\DRIVERS\OODrvled.sys [30216 2009-09-28] (O&O Software GmbH)
R2 ProtectorA; C:\Windows\system32\drivers\ProtectorA.sys [22672 2012-01-11] (www.ISRA.org.cn)
S3 VMLiteUSB; C:\Windows\System32\Drivers\VMLiteUSB.sys [150120 2010-08-11] (VMLite, Inc.)
S3 ALSysIO; \??\C:\Users\Toni\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 iscFlash; \??\C:\Users\Toni\AppData\Local\Temp\iscflashx64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-29 16:46 - 2014-04-29 17:10 - 00003358 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1437298276-3645973725-722044047-1001
2014-04-29 16:46 - 2014-04-29 17:10 - 00003222 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1437298276-3645973725-722044047-1001
2014-04-29 16:46 - 2014-04-29 16:46 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\RealNetworks
2014-04-29 16:11 - 2014-04-29 16:11 - 00001132 _____ () C:\Users\Public\Desktop\RealPlayer Cloud.lnk
2014-04-29 16:07 - 2014-04-29 16:07 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-04-29 16:07 - 2014-04-29 16:07 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-04-29 16:07 - 2014-04-29 16:07 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-04-29 16:06 - 2014-04-29 16:06 - 00505416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-04-29 16:06 - 2014-04-29 16:06 - 00353864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-04-29 16:06 - 2014-04-29 16:06 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-04-28 20:44 - 2014-04-28 20:44 - 02347384 _____ (ESET) C:\Users\Toni\Downloads\esetsmartinstaller_deu.exe
2014-04-28 20:44 - 2014-04-28 20:44 - 00855379 _____ () C:\Users\Toni\Downloads\SecurityCheck.exe
2014-04-28 20:44 - 2014-04-28 20:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-28 20:03 - 2014-04-29 15:06 - 00000112 _____ () C:\Windows\setupact.log
2014-04-28 20:03 - 2014-04-28 20:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-21 00:00 - 2014-04-29 17:10 - 00000000 ____D () C:\Users\Toni\Downloads\FRST-OlderVersion
2014-04-20 21:26 - 2014-04-20 21:26 - 00001062 _____ () C:\Users\Toni\Desktop\JRT.txt
2014-04-20 21:21 - 2014-04-20 21:21 - 00005037 _____ () C:\Users\Toni\Desktop\mbam.txt
2014-04-20 21:04 - 2014-04-20 21:04 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 20:59 - 2014-04-20 20:59 - 00006118 _____ () C:\Users\Toni\Desktop\AdwCleaner[S0].txt
2014-04-20 20:39 - 2014-04-20 20:41 - 00000000 ____D () C:\AdwCleaner
2014-04-20 20:37 - 2014-04-20 20:38 - 01308369 _____ () C:\Users\Toni\Downloads\adwcleaner.exe
2014-04-16 22:00 - 2014-04-16 22:00 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-16 22:00 - 2014-04-16 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files\iTunes
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files\iPod
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-16 21:48 - 2014-04-16 21:48 - 00001805 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-04-16 21:48 - 2014-04-16 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-04-16 21:47 - 2014-04-16 21:48 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-16 14:39 - 2014-04-28 21:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 14:19 - 2014-04-16 14:20 - 01016261 _____ (Thisisu) C:\Users\Toni\Downloads\JRT.exe
2014-04-16 14:19 - 2014-04-16 14:19 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-16 14:19 - 2014-04-16 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-16 14:18 - 2014-04-16 14:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-16 14:18 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-16 14:18 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-16 14:17 - 2014-04-16 14:17 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Toni\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 14:16 - 2014-04-29 17:10 - 00000777 _____ () C:\Users\Toni\Downloads\FRST.txt
2014-04-15 14:16 - 2014-04-29 17:10 - 00000000 ____D () C:\FRST
2014-04-15 14:16 - 2014-04-15 14:17 - 00051589 _____ () C:\Users\Toni\Downloads\Addition.txt
2014-04-15 14:15 - 2014-04-29 17:10 - 02061824 _____ (Farbar) C:\Users\Toni\Downloads\FRST64.exe
2014-04-14 22:30 - 2014-04-14 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-14 21:53 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-14 21:53 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-14 21:53 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-14 21:53 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-14 21:53 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-14 21:53 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-14 21:53 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-14 21:53 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-14 21:53 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-14 21:53 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-14 21:53 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-14 21:53 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-14 21:53 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-14 21:53 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-14 21:53 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-14 21:53 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-14 21:53 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-14 21:53 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-14 21:53 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-14 21:53 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-14 21:53 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 21:57 - 2014-04-07 21:57 - 00000364 _____ () C:\Users\Toni\Downloads\swisscom_internet_access.txt

==================== One Month Modified Files and Folders =======

2014-04-30 01:04 - 2013-08-24 18:25 - 00000000 ____D () C:\Users\Same
2014-04-30 01:04 - 2011-09-17 17:33 - 00000000 ____D () C:\Users\Toni\Documents\PC Service Home Setting
2014-04-30 01:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-29 17:10 - 2014-04-29 16:46 - 00003358 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1437298276-3645973725-722044047-1001
2014-04-29 17:10 - 2014-04-29 16:46 - 00003222 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1437298276-3645973725-722044047-1001
2014-04-29 17:10 - 2014-04-21 00:00 - 00000000 ____D () C:\Users\Toni\Downloads\FRST-OlderVersion
2014-04-29 17:10 - 2014-04-15 14:16 - 00000777 _____ () C:\Users\Toni\Downloads\FRST.txt
2014-04-29 17:10 - 2014-04-15 14:16 - 00000000 ____D () C:\FRST
2014-04-29 17:10 - 2014-04-15 14:15 - 02061824 _____ (Farbar) C:\Users\Toni\Downloads\FRST64.exe
2014-04-29 16:58 - 2013-09-01 17:48 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1437298276-3645973725-722044047-1006UA.job
2014-04-29 16:46 - 2014-04-29 16:46 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\RealNetworks
2014-04-29 16:45 - 2012-11-23 17:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-29 16:45 - 2011-05-30 10:31 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\Real
2014-04-29 16:11 - 2014-04-29 16:11 - 00001132 _____ () C:\Users\Public\Desktop\RealPlayer Cloud.lnk
2014-04-29 16:11 - 2011-05-30 10:31 - 00000000 ____D () C:\Program Files (x86)\Real
2014-04-29 16:07 - 2014-04-29 16:07 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-04-29 16:07 - 2014-04-29 16:07 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-04-29 16:07 - 2014-04-29 16:07 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-04-29 16:07 - 2013-11-13 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-04-29 16:07 - 2011-05-30 10:31 - 00000000 ____D () C:\ProgramData\Real
2014-04-29 16:06 - 2014-04-29 16:06 - 00505416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-04-29 16:06 - 2014-04-29 16:06 - 00353864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-04-29 16:06 - 2014-04-29 16:06 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-04-29 16:06 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-29 15:30 - 2011-03-01 19:30 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\Skype
2014-04-29 15:22 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-29 15:22 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-29 15:19 - 2010-10-08 19:31 - 01921648 _____ () C:\Windows\WindowsUpdate.log
2014-04-29 15:17 - 2012-01-26 22:40 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\Dropbox
2014-04-29 15:15 - 2012-01-26 22:41 - 00000000 ___RD () C:\Users\Toni\Dropbox
2014-04-29 15:15 - 2009-07-14 04:34 - 00423383 _____ () C:\Windows\win.ini
2014-04-29 15:14 - 2010-07-23 20:10 - 23563894 _____ () C:\Windows\system32\perfh007.dat
2014-04-29 15:14 - 2010-07-23 20:10 - 07661592 _____ () C:\Windows\system32\perfc007.dat
2014-04-29 15:14 - 2009-07-14 07:13 - 00006488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-29 15:08 - 2011-03-01 18:37 - 00000000 ____D () C:\Users\Toni
2014-04-29 15:06 - 2014-04-28 20:03 - 00000112 _____ () C:\Windows\setupact.log
2014-04-29 15:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-28 23:40 - 2013-02-27 23:15 - 00000000 ____D () C:\Windows\rescache
2014-04-28 21:55 - 2014-04-16 14:39 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 21:44 - 2012-11-23 17:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 21:44 - 2012-07-28 07:51 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-28 21:44 - 2012-07-28 07:51 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 21:09 - 2011-03-02 15:19 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{33F05840-799A-45B7-A3DC-FC5A62EDCA7E}
2014-04-28 20:44 - 2014-04-28 20:44 - 02347384 _____ (ESET) C:\Users\Toni\Downloads\esetsmartinstaller_deu.exe
2014-04-28 20:44 - 2014-04-28 20:44 - 00855379 _____ () C:\Users\Toni\Downloads\SecurityCheck.exe
2014-04-28 20:44 - 2014-04-28 20:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-28 20:03 - 2014-04-28 20:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-28 20:03 - 2010-10-08 19:40 - 00722558 _____ () C:\Windows\PFRO.log
2014-04-21 00:43 - 2011-03-03 23:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-21 00:42 - 2014-01-23 23:09 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-04-21 00:42 - 2011-12-30 19:27 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-21 00:41 - 2014-01-23 23:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-21 00:41 - 2014-01-23 23:07 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-21 00:39 - 2013-07-21 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-21 00:38 - 2011-04-08 22:22 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-21 00:32 - 2011-03-01 19:28 - 00000000 ____D () C:\Users\Toni\AppData\Local\Adobe
2014-04-21 00:32 - 2010-07-23 12:12 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-21 00:31 - 2010-07-23 12:12 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-21 00:23 - 2014-02-13 21:18 - 00000000 ____D () C:\Users\Toni\Desktop\Alte Firefox-Daten
2014-04-21 00:19 - 2013-10-21 15:06 - 00000000 ____D () C:\Users\Toni\AppData\Local\FluxSoftware
2014-04-21 00:06 - 2011-07-12 20:17 - 00000000 ____D () C:\Windows\Minidump
2014-04-20 21:26 - 2014-04-20 21:26 - 00001062 _____ () C:\Users\Toni\Desktop\JRT.txt
2014-04-20 21:21 - 2014-04-20 21:21 - 00005037 _____ () C:\Users\Toni\Desktop\mbam.txt
2014-04-20 21:04 - 2014-04-20 21:04 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 20:59 - 2014-04-20 20:59 - 00006118 _____ () C:\Users\Toni\Desktop\AdwCleaner[S0].txt
2014-04-20 20:41 - 2014-04-20 20:39 - 00000000 ____D () C:\AdwCleaner
2014-04-20 20:40 - 2013-08-24 18:25 - 00000000 ___RD () C:\Users\Same\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-20 20:38 - 2014-04-20 20:37 - 01308369 _____ () C:\Users\Toni\Downloads\adwcleaner.exe
2014-04-16 23:23 - 2011-12-22 06:51 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-16 22:00 - 2014-04-16 22:00 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-16 22:00 - 2014-04-16 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files\iTunes
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files\iPod
2014-04-16 21:59 - 2014-04-16 21:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-16 21:55 - 2011-03-04 08:10 - 00000000 ____D () C:\ProgramData\Apple
2014-04-16 21:48 - 2014-04-16 21:48 - 00001805 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-04-16 21:48 - 2014-04-16 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-04-16 21:48 - 2014-04-16 21:47 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-04-16 16:33 - 2010-10-08 19:38 - 00000000 ____D () C:\Windows\HPQ
2014-04-16 15:40 - 2013-10-21 15:04 - 00000000 ____D () C:\Users\Same\AppData\Local\Feven 1.5-BrowserExtensionUninstall
2014-04-16 14:21 - 2012-02-06 00:40 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\Malwarebytes
2014-04-16 14:21 - 2012-02-06 00:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-16 14:20 - 2014-04-16 14:19 - 01016261 _____ (Thisisu) C:\Users\Toni\Downloads\JRT.exe
2014-04-16 14:19 - 2014-04-16 14:19 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-16 14:19 - 2014-04-16 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-16 14:18 - 2014-04-16 14:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-16 14:17 - 2014-04-16 14:17 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Toni\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-16 12:59 - 2013-09-01 17:48 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1437298276-3645973725-722044047-1006Core.job
2014-04-15 14:46 - 2011-07-16 11:00 - 00000000 ____D () C:\Users\Toni\AppData\Roaming\QuickScan
2014-04-15 14:17 - 2014-04-15 14:16 - 00051589 _____ () C:\Users\Toni\Downloads\Addition.txt
2014-04-14 22:30 - 2014-04-14 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-07 21:57 - 2014-04-07 21:57 - 00000364 _____ () C:\Users\Toni\Downloads\swisscom_internet_access.txt
2014-04-03 09:51 - 2014-04-16 14:18 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-16 14:18 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2012-02-06 00:40 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 03:16 - 2014-04-14 21:53 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-14 21:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-14 21:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-14 21:53 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

Some content of TEMP:
====================
C:\Users\Toni\AppData\Local\Temp\Quarantine.exe
C:\Users\Toni\AppData\Local\Temp\stubhelper.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 16:53

==================== End Of Log ============================
         
--- --- ---


DIe Probleme sind immer noch da, und scheinen auch nicht besser zu werden, obwohl jeder Scan was findet. Hast du noch weitere Ideen? Sonst würde ich ihn jetzt neu aufsetzen!

Danke nochmal!

Alt 30.04.2014, 23:20   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Definier die Probleme nochmal genau. Malware ist da keine mehr ausser bissl was in den Temps.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.05.2014, 22:04   #11
trojanertoni
 
Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Dankeschön!
Also ne genauere Definition der Probleme:
1. Wenn ich versuche, etwas auf die Festplatte zu schreiben, hängt er erst mal 10 Minuten, macht es dann aber (zuverlässig).
2. Wenn ich versuche, nen Ordner zu öffnen, friert er meistens (nicht immer) ein (egal, ob C.; D:, bei externen aber weniger).
3. Beim Starten dauert es ewig, bis der Desktop benutzbar ist. Meistens sind erst mal gar keine Symbole da, dann kommen die Symbole und der Desktop friert ein (als er wird sehr hell, so ein bisschen "fadet"), irgendwann geht es dann. Wenn ich ein neues Programm, wie z.B. Firefox öffne, dauert es auch meistens, und friert erst mal ein.
4. Der Task-Manager geht zwar öffnen, aber die ganzen Reiter oben sind nicht da, sodass ich nur die Prozesse sehen kann, und nicht zwischen aktiven Programmen/Prozessen etc. wechseln kann.
5. Aus dem Stand-By lässt er sich gar nicht mehr wiederbeleben, aus dem Ruhezustand etwa 75%.

Ich habe das Gefühl, dass es nach einem erneuten Neustart jetzt etwas schneller geworden ist, z.B. lässt er mich grad normal im File-Menü navigieren, aber das geht auch manchmal wieder weg, und der Task-Manager ist halt echt komisch. Speichern lässt er mich auch immer noch nur nach einigen Minuten warten, wo echt gar nichts mehr geht.

Soll ich mal Temp löschen?

Nochmal vielen Dank,
Toni

Alt 02.05.2014, 16:49   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Ja.

How to perform a clean boot in Windows
Und mach mal nen Clean Boot.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.05.2014, 14:53   #13
trojanertoni
 
Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Temp ist gelöscht. Clean Boot habe ich versucht, aber es hat nicht funktioniert. Autostartprogramme waren genau so viele, Prozesse auch, und es hat genau so lang gedauert, bis er wieder ansprechbar war. Er hat sich dann auch voll heiß gelaufen, sodass der Lüfter sehr laut wa, das habe ich sonst nur unter Volllast. Ich werde den Clean Boot heute abend nochmal ausprobieren, es dauert aber auch immer 10 Minuten, bis ich Zugriff zur msconfig bekomme. Weißt du, woran das liegen kann?

Danke nochmal!

Alt 06.05.2014, 10:06   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



10 minuten? Das is arg stramm. Windows DVD da?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.05.2014, 17:40   #15
trojanertoni
 
Festplattenzugriff sehr langsam - Malware? - Standard

Festplattenzugriff sehr langsam - Malware?



Ja, ich habe grad eine auf nem anderen PC runtergeladen und gebrannt. Soll ich neu aufsetzen oder nur reparieren?

Antwort

Themen zu Festplattenzugriff sehr langsam - Malware?
abgesicherten, beim starten, eingeschränkt, festplattenzugriff, malware.gen, pup.optional.bundleinstaller.a, pup.optional.conduit.a, pup.optional.crossrider.a, pup.optional.desk365.a, pup.optional.domaiq, pup.optional.feven.a, pup.optional.firseria, pup.optional.installcore.a, pup.optional.installerex, pup.optional.lyrics.a, pup.optional.opencandy, pup.optional.searchprotect.a, pup.optional.smartbar, pup.optional.snapdo, pup.optional.snapdo.a, pup.optional.softonic.a, pup.optional.superlyrics.a, pup.optional.tubesing.a, pup.optional.websearch.a, super, virenproblem




Ähnliche Themen: Festplattenzugriff sehr langsam - Malware?


  1. Win7: Chrome Browser nach Malware Attacke sehr langsam.
    Plagegeister aller Art und deren Bekämpfung - 02.07.2015 (6)
  2. Windows 7 - 64bit: PC sehr langsam, Vermutung Malware, Toshiba Service Station Problem
    Log-Analyse und Auswertung - 01.07.2015 (20)
  3. Windows Vista incredibar-search ASK-Toolbar vermutlich Malware, Rechner sehr langsam
    Log-Analyse und Auswertung - 28.04.2015 (11)
  4. Mein Notebook arbeitet sehr sehr langsam evtl. virus?
    Plagegeister aller Art und deren Bekämpfung - 09.02.2015 (13)
  5. Tablet Acer Iconia w510 sehr langsam. Malware oder unerwünschte Software?
    Mülltonne - 04.01.2015 (1)
  6. Laptop seit 2 Wochen sehr langsam (Aussetzer) - Malware bereits über anderes Topic "behandelt"
    Alles rund um Windows - 25.07.2013 (8)
  7. Programme starten sehr langsam / Windows allg. sehr lahm
    Log-Analyse und Auswertung - 18.05.2013 (2)
  8. Trojan.Agent, Malware Trace. PC sehr langsam
    Log-Analyse und Auswertung - 19.02.2013 (9)
  9. Windwos 7 - Internet sehr langsam -Trojan.Agent und Malware.Gen gefunden
    Log-Analyse und Auswertung - 18.02.2013 (23)
  10. Pc wird sehr sehr langsam, Virenscanner schlägt ständig Alarm
    Log-Analyse und Auswertung - 05.06.2012 (4)
  11. viele Internetseiten nicht mehr erreichbar oder sehr sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 25.05.2012 (13)
  12. PC sehr langsam und Programme öffnen sich sehr langsam...
    Log-Analyse und Auswertung - 01.05.2012 (5)
  13. AntiVir Malware/Trojaner - PC sehr langsam
    Log-Analyse und Auswertung - 08.09.2010 (17)
  14. Prozesse doppelt, PC sehr sehr langsam, hängt sich auf, noch zu retten?
    Log-Analyse und Auswertung - 29.06.2010 (2)
  15. Rechner sehr langsam, Spy- & Malware?
    Log-Analyse und Auswertung - 06.07.2009 (17)
  16. Mein rechner ist seit eine viren attake sehr sehr langsam
    Log-Analyse und Auswertung - 10.02.2009 (0)
  17. Festplattenzugriff sehr hoch
    Mülltonne - 18.07.2007 (1)

Zum Thema Festplattenzugriff sehr langsam - Malware? - Hallo, ich habe einen 3,5 Jahre alten Win 7 Laptop, der schon mehrmals wegen "Kleinigkeiten" in der Reparatur war (ich habe eine Extra-Versicherung dazu abgeschlossen, die sich schon sehr gelohnt - Festplattenzugriff sehr langsam - Malware?...
Archiv
Du betrachtest: Festplattenzugriff sehr langsam - Malware? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.